如何使用ASP.NET从个人存储库加载客户端证书

如何使用ASP.NET从个人存储库加载客户端证书?

如果可能的话，我可以用它加密数据吗?

为此，我用ASP创建了一个应用程序。. NET 2.0，检索安装在客户端证书存储库(个人)中的所有证书，以便用它创建数字签名。

但它不工作，我不知道是什么问题

// ...
using System.Security.Cryptography.X509Certificates;
namespace WebApplication4
{
    public partial class _Default : System.Web.UI.Page
    {
        public static string ToHexString(byte[] bytes)
        {
           // ...
        }
        protected void btnSignature_Click(object sender, EventArgs e)
        {
            X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            store.Open(OpenFlags.OpenExistingOnly);
            X509Certificate2Collection certificates = store.Certificates;
            int a = certificates.Count;
            lbCertCount.Text = System.Convert.ToString(a);
            if (a > 0)
            {
                X509Certificate2 certificate = certificates[1];
                string publicKey = certificate.GetPublicKeyString();
                lbMypublicKey.Text = publicKey + "<br/>";
                // AsymmetricAlgorithm privateKey = certificate.PrivateKey;
                RSACryptoServiceProvider privateKey = certificate.PrivateKey as RSACryptoServiceProvider;
                // test message 
                byte[] buffer = Encoding.Default.GetBytes("Welcome");
                byte[] signature = privateKey.SignData(buffer, new SHA1Managed());
                string me = ToHexString(signature);
                lbSignature.Text = me;

                RSACryptoServiceProvider publicKey1 = certificate.PublicKey.Key as RSACryptoServiceProvider;
                bool verify = publicKey1.VerifyData(buffer, new SHA1Managed(), signature);
                if (verify == true)
                {
                    lbControl.Text = "Signature valid";
                }
                else
                {
                    lbControl.Text = "Signature not Valid";
                }
            }
        }
    }
}

<identity impersonate="true" />